package com.cyc.tools;

import cn.hutool.core.codec.Base64;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.CookieRememberMeManager;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.servlet.SimpleCookie;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.LinkedHashMap;
import java.util.Map;

@Configuration
public class ShiroConfig {
    /**
     * cookie对象
     *
     * @return
     */
    public SimpleCookie rememberMeCookie() {
        SimpleCookie cookie = new SimpleCookie("rememberMe");
        // 设置cookie的过期时间，单位为秒，这里为一天
        cookie.setMaxAge(86400);
        return cookie;
    }

    /**
     * cookie管理对象
     *
     * @return
     */
    public CookieRememberMeManager rememberMeManager() {
        CookieRememberMeManager cookieRememberMeManager = new CookieRememberMeManager();
        cookieRememberMeManager.setCookie(rememberMeCookie());
        // rememberme cookie加密的密钥 建议每个项目都不一样 默认AES算法 密钥长度（128 256 512 位），通过以下代码可以获取
        // KeyGenerator keygen = KeyGenerator.getInstance("AES");
        // SecretKey deskey = keygen.generateKey();
        // System.out.println(Base64.encodeToString(deskey.getEncoded()));
        cookieRememberMeManager.setCipherKey(Base64.decode("vXP33AonIp9bFwGl7aT7rA=="));
        return cookieRememberMeManager;
    }

    @Bean
    DefaultSecurityManager securityManager() {
        DefaultSecurityManager defaultSecurityManager = new DefaultWebSecurityManager();
        defaultSecurityManager.setRealm(userRealm());
        //添加 rememberMeManager
        defaultSecurityManager.setRememberMeManager(rememberMeManager());
        return defaultSecurityManager;
    }

    //ShiroFilterFactoryBean3
    @Bean("shiroFilter")
    public ShiroFilterFactoryBean getShiroFilterFactoryBean(@Qualifier("securityMananger") DefaultWebSecurityManager defaultWebSecurityManager){
        ShiroFilterFactoryBean Bean = new ShiroFilterFactoryBean();
        //设置安全管理器
        Bean.setSecurityManager(defaultWebSecurityManager);
        /*
            anon:无需认证就可以访问
            authc:必须认证了才能访问
            user:必须拥有 记住我 功能才能访问
            perms: 必须拥有对某个资源的权限才能访问
            role: 拥有某个角色的权限才能访问
         */
        //需过滤的地址
        Map<String, String> map = new LinkedHashMap<>();
        //顺序不能错误
        //需授权才能访问的地址
        map.put("/admin/*","perms[user:all]");
        map.put("/student/*","perms[user:st]");
        map.put("/static/**","anon");
        map.put("/css/**","anon");
        map.put("/Layui/**","anon");
        map.put("/js/**","anon");
        map.put("/**","user");

        //设置登出
        map.put("/logout", "logout");
        //将过滤地址保存
        Bean.setFilterChainDefinitionMap(map);
        //设置登录的地址
        Bean.setLoginUrl("/login");
        //未授权的跳转页面
        Bean.setUnauthorizedUrl("/login");
        return Bean;
    }
    //DefaultWebSecurityMananger2
    @Bean(name = "securityMananger")
    public DefaultWebSecurityManager getDefaultWebSecurityManager(@Qualifier("userRealm") UserRealm userRealm){
        DefaultWebSecurityManager SecurityManager = new DefaultWebSecurityManager();
        //关联realm
        SecurityManager.setRealm(userRealm);
        return SecurityManager;
    }
    //创建realm对象，自定义类1
    @Bean
    public UserRealm userRealm(){
        return new UserRealm();
    }
}
